rte_ipsec_sad.h - Man Page
Synopsis
#include <stdint.h>
#include <rte_ip6.h>
Data Structures
struct rte_ipsec_sad_conf
Macros
#define RTE_IPSEC_SAD_NAMESIZE 64
#define RTE_IPSEC_SAD_FLAG_IPV6 0x1
#define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2
Enumerations
enum
Functions
int rte_ipsec_sad_add (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type, void *sa)
int rte_ipsec_sad_del (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type)
struct rte_ipsec_sad * rte_ipsec_sad_find_existing (const char *name)
void rte_ipsec_sad_destroy (struct rte_ipsec_sad *sad)
int rte_ipsec_sad_lookup (const struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *keys[], void *sa[], uint32_t n)
Detailed Description
RTE IPsec security association database (SAD) support. Contains helper functions to lookup and maintain SAD
Definition in file rte_ipsec_sad.h.
Macro Definition Documentation
#define RTE_IPSEC_SAD_NAMESIZE 64
Max number of characters in SAD name.
Definition at line 52 of file rte_ipsec_sad.h.
#define RTE_IPSEC_SAD_FLAG_IPV6 0x1
Flag to create SAD with ipv6 dip and sip addresses
Definition at line 54 of file rte_ipsec_sad.h.
#define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2
Flag to support reader writer concurrency
Definition at line 56 of file rte_ipsec_sad.h.
Enumeration Type Documentation
anonymous enum
Type of key
Definition at line 27 of file rte_ipsec_sad.h.
Function Documentation
int rte_ipsec_sad_add (struct rte_ipsec_sad * sad, const union rte_ipsec_sad_key * key, int key_type, void * sa)
Add a rule into the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
sad SAD object handle
key pointer to the key
key_type key type (spi only/spi+dip/spi+dip+sip)
sa Pointer associated with the key to save in a SAD Must be 4 bytes aligned.
Returns
0 on success, negative value otherwise
int rte_ipsec_sad_del (struct rte_ipsec_sad * sad, const union rte_ipsec_sad_key * key, int key_type)
Delete a rule from the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
sad SAD object handle
key pointer to the key
key_type key type (spi only/spi+dip/spi+dip+sip)
Returns
0 on success, negative value otherwise
struct rte_ipsec_sad * rte_ipsec_sad_find_existing (const char * name)
Find an existing SAD object and return a pointer to it.
- Parameters
name Name of the SAD object as passed to rte_ipsec_sad_create()
- Returns
Pointer to sad object or NULL if object not found with rte_errno set appropriately. Possible rte_errno values include:
- ENOENT - required entry not available to return.
void rte_ipsec_sad_destroy (struct rte_ipsec_sad * sad)
Destroy SAD object.
- Parameters
sad pointer to the SAD object
int rte_ipsec_sad_lookup (const struct rte_ipsec_sad * sad, const union rte_ipsec_sad_key * keys[], void * sa[], uint32_t n)
Lookup multiple keys in the SAD.
- Parameters
sad SAD object handle
keys Array of keys to be looked up in the SAD
sa Pointer associated with the keys. If the lookup for the given key failed, then corresponding sa will be NULL
n Number of elements in keys array to lookup.
Returns
-EINVAL for incorrect arguments, otherwise number of successful lookups.
Author
Generated automatically by Doxygen for DPDK from the source code.
Referenced By
The man pages rte_ipsec_sad_add(3), rte_ipsec_sad_del(3), rte_ipsec_sad_destroy(3), rte_ipsec_sad_find_existing(3), RTE_IPSEC_SAD_FLAG_IPV6(3), RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY(3), rte_ipsec_sad_lookup(3) and RTE_IPSEC_SAD_NAMESIZE(3) are aliases of rte_ipsec_sad.h(3).